Certified Information Systems Security Professional (CISSP) — Question 306

What is the overall goal of software security testing?

Answer options

• A. Identifying the key security features of the software
• B. Ensuring all software functions perform as specified
• C. Reducing vulnerabilities within a software system
• D. Making software development more agile

Correct answer: C

Explanation

The correct answer, C, emphasizes the importance of minimizing vulnerabilities to protect the software from potential threats. Options A and B focus on identifying features and ensuring functionality, which are not the main goals of security testing. Option D relates to development processes and does not directly address security concerns.